AI-driven phishing, business email compromise, and account takeovers are changing how fraud happens and how effective it is. When these fraud types are successful, the payer loses the money. The vendor is left to deal with the damaging fallout.
That’s why today’s most insidious payment fraud typology isn’t stolen checks. It’s a perfectly normal payment…sent to the wrong place.
This kind of fraud is made possible by increasingly sophisticated, AI-enabled phishing attacks, business email compromise (BEC) and account takeover (ATO). However, it happens, fraud carries consequences that hit hard on both sides of the transaction. Few experience this pain more acutely than accounts receivable teams.
To understand why that is, it helps to understand what happens when fraudsters steal credentials and re-route payments.
How an Account Takeover Happens
Quietly. By the time account takeovers are discovered, payments are usually lost. Here's how a typical incident might unfold:
A fraudster uses a realistic AI‑generated email, a fake but convincing portal, or a message that seems to come from your CEO or CFO to get you to enter credentials. The fraudster then uses those to log in to your system. Bank accounts, emails, or phone details are stealthily updated by fraudsters, and then they wait. The payer follows their normal process to send an ACH payment to what they think is the vendor’s bank account, but it’s not. The payment clears. By the time the swindle is discovered, recovery windows are often closed.
The upshot in this scenario is that the payment worked as intended, but the identity was compromised. That leaves the B2B payer out of a considerable amount of money, and the vendor is left holding the reputational bag. Discussions about liability will kick in immediately, but that’s not the whole story.
“Who Is Liable?” Is Only Half the Problem
In most fraud events, it’s fair to say that:
- The payer followed their standard practices;
- The bank sees an authorized transaction;
- Recovery is slow, uncertain, and/or incomplete.
This leaves the bank and the payer frustrated and scrambling to recover funds. It also inevitably leads to finger-pointing at the vendor as all parties try to determine liability.
The vendor will ultimately get paid, even though they are often the source of the fraud. In 2025, 45% of businesses reported seeing vendor impersonations, so this makes a certain amount of sense. It also spotlights the fact that fraud is increasingly difficult to avoid, and that vendors pay a heavy price every time fraud is successfully perpetrated.
Liability will be determined, but it solves very little for any party involved. Liability discussions don’t fix cashflow gaps, repair customer trust, or reduce the time spent on calls, emails, and investigations caused by fraudulent payments. AR teams are left to deal with damage on multiple fronts, regardless of where the fault truly lies, and those issues are not debated with the rigor and frequency they deserve.
What Creates the Most Stress for AR Teams
Cash flow disruption tops the list. This happens when a vendor makes a sale, payment is sent, but the cash is slow to arrive. That can put significant strain on business operations, especially if the sale was large.
With CFO Dive noting that 86% of businesses say they struggled to collect payments on time for at least 30% of their monthly sales, a single fraud incident can add to existing cash flow issues in a way that severely impacts the business.
Damaged customer relationships are a danger when a vendor’s information is compromised, and they’re left asking the customer for a replacement payment. It’s an awkward conversation, whether with a new customer or a long-term one in good standing. The damage to a relationship from a fraud incident can be lasting, if not permanent.
Internal escalation comes next in terms of bad outcomes from a fraud incident. Finance, legal, IT, and leadership get involved. Time is lost, and internal trust is broken, while an investigation and its aftereffects can last weeks or even months. This inevitably proves costly.
Then there’s the added pressure on AR staff. Lost trust can translate to direct consequences for AR, depending on company policy. Even when it’s not their fault, teams feel responsible and exposed in a way that can make doing their day-to-day jobs more difficult.
The Paymode network, which processes over $500 billion in payments annually, changes this entire equation because it isn’t just a faster way to get paid. Paymode offers a secure identity layer between vendors and payers, and between businesses and fraudsters, offering a particularly strong set of protections including methods that ensure:
- Vendor identity is authenticated inside a trusted network
- Bank changes don’t rely on emails and phone numbers alone
- Anomalies are flagged early, shutting down account change attempts
- Fraud attempts are intercepted before a payment is ever made
Layered multi-factor authentication, stringent validation of over 300 data points for every vendor, and a host of monitoring tools further enhance that security. Knowing full well the cash flow and reputational costs of fraud, Paymode takes extra pains to prevent it, which is why we can say we have $0 in fraud losses annually.
The ultimate goal is to ensure that internal policies, employee vigilance, and sheer luck aren’t AR’s only lines of defense.
The Takeaway
The safest payment isn’t just fast. It’s not just ACH or card. It’s the payment that can only go to you.
Ultimately, getting paid isn’t a risk; a vendor will eventually receive their money. Ensuring payment reaches the vendor’s bank account the first time is a risk in an era of outsized account takeover, BEC, and vendor impersonation fraud. Without stringent validation and authentication, plus multiple layers of protection like those offered by Paymode, that fallout becomes all too likely.
Share